Kenya’s leading telecommunications provider, Safaricom has been slapped with a huge lawsuit for allegedly violating data privacy of its consumers.
This was filed at High Court last week where one Benedict Kabugi accused Safaricom of breaching the privacy of its customers. Apparently they breached data of 11.5 million customers by exposing their sports betting history and biodata.
“The data, which the petitioner herein viewed personally, was specific to gamblers who had used their Safaricom mobile numbers to gamble on various betting platforms registered in Kenya,” the petition said.
Apparently, the data allegedly had specific details identifying subscribers which includes full names, their phone numbers, identity numbers, passport numbers, gender, age and total amounts gambled.
The plaintiff wants Safaricom to pay Kshs 10 million each to the 11.5 million subscribers that were affected. “I have filed this petition under article 22(1), 22(2) (b), 22 (2) (c), 258 (1) (2) of the Constitution Section 4 of the consumer protection act,” he said in the petition.
He said that on May 18th, he was approached by a person called Mark who had in his possession of Safaricom data estimated at 11.5 million subscribers. Kabugi apparently said he reported the matter at Safaricom headquarters after police too long to act on the matter.
It gets interesting. On June 6 2019, he was arrested and taken to DCI and was forced to write a statement on data issues. The cooperation led to the arrest of two Safaricom employees who were charged with demanding Kshs 300 million from Safaricom and interfering with the company’s data.
Later on a team from Safaricom joined the probe and he was detained at Gigiri and taken to Milimani Law Courts before being charged. According to Kabugi, the charging of the two employees was confirmation that Safaricom data was accessed, messed and interfered with.